Demisto has announced integration with Amazon Web Services (AWS)
June 2018 by Marc Jacob
Demisto has announced integration with Amazon Web Services (AWS) to allow customers to automate tasks across AWS services. Demisto is the first SOAR platform to integrate with AWS, and its keyless, zero-trust model allows for execution without long-term credentials, letting users unify workflows across their cloud and on-premise infrastructure, from one console, in a secure manner.
Through this integration with AWS, Demisto customers are now able to use a single orchestration platform to consume alerts for their cloud infrastructure and coordinate response and operational actions across their cloud and on-premise environments, vastly simplifying their security management solutions. Demisto has ensured maximum ease of use via identity and access management (IAM) roles that orchestrate across AWS products, delivering a streamlined solution that does not require the transfer and management of long-term credentials for various AWS environments.
With the adoption of cloud services driving a new wave of security challenges, the influx of a high volume of security alerts poses a problem to cybersecurity teams. Responding to security incidents in such environments can often result in a disconnect between cloud infrastructures and traditional security tools, requiring multiple consoles to coordinate and more time to execute repetitive tasks. With this integration, Demisto customers can automate response and operational tasks across AWS services such as S3, EC2, IAM, GuardDuty, and Route 53, providing them with an efficient, unified solution.
Demisto Enterprise integrates with more than 180 security products and enables organizations to build playbooks for different security operations. Demisto’s solution has helped security operations center (SOC) teams reduce the number of alerts requiring human review by as much as 95 percent. It also solves the ever-growing problem of product fatigue – where analysts need to learn more and more products to mitigate threats throughout their infrastructure. Because the platform integrates with all major security products, such as security information and event management (SIEM), network, threat hunting, and endpoint tools, it provides a comprehensive view into incident response.